CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2001-0834

htsearch CGI program in htdig (ht://Dig) 3.1.5 and earlier allows remote attackers to use the -c option to specify an alternate configuration file, which could be used to (1) cause a denial of service (CPU consumption) by specifying a large file such as /dev/zero, or (2) read arbitrary files by uploading an alternate configuration file that specifies the target file.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.025

EPSS Ranking 84.5%

CVSS Severity

CVSS v2 Score 6.4

References

Products affected by CVE-2001-0834

Htdig » Htdig » Version: Any

cpe:2.3:a:htdig:htdig:*
Conectiva » Linux » Version: 5.0

cpe:2.3:o:conectiva:linux:5.0
Conectiva » Linux » Version: 5.1

cpe:2.3:o:conectiva:linux:5.1
Conectiva » Linux » Version: 6.0

cpe:2.3:o:conectiva:linux:6.0
Conectiva » Linux » Version: 7.0

cpe:2.3:o:conectiva:linux:7.0
Debian » Debian Linux » Version: 2.2

cpe:2.3:o:debian:debian_linux:2.2
Suse » Suse Linux » Version: 6.3

cpe:2.3:o:suse:suse_linux:6.3
Suse » Suse Linux » Version: 6.4

cpe:2.3:o:suse:suse_linux:6.4
Suse » Suse Linux » Version: 7.0

cpe:2.3:o:suse:suse_linux:7.0
Suse » Suse Linux » Version: 7.1

cpe:2.3:o:suse:suse_linux:7.1
Suse » Suse Linux » Version: 7.2

cpe:2.3:o:suse:suse_linux:7.2
Suse » Suse Linux » Version: 7.3

cpe:2.3:o:suse:suse_linux:7.3

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2001-0834

Products

Pricing

Contact Us